nano /etc/yum.repos.d/CentOS-Base.repo

[base]
name=CentOS-$releasever – Base
baseurl=http://vault.centos.org/6.10/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

released updates

[updates]
name=CentOS-$releasever – Updates
baseurl=http://vault.centos.org/6.10/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

additional packages that may be useful

[extras]
name=CentOS-$releasever – Extras
baseurl=http://vault.centos.org/6.10/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

additional packages that extend functionality of existing packages

[centosplus]
name=CentOS-$releasever – Plus
baseurl=http://vault.centos.org/6.10/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

contrib – packages by Centos Users

[contrib]
name=CentOS-$releasever – Contrib
baseurl=http://vault.centos.org/6.10/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

Yada basitce sunu yapiniz

wget -O /etc/yum.repos.d/CentOS-Base.repo http://shukko.com/Centos-Base.repo
wget -O /etc/yum.repos.d/CentOS-SCLo-scl.repo http://shukko.com/CentOS-SCLo-scl.repo
wget -O /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo http://shukko.com/CentOS-SCLo-scl-rh.repo
yum clean all
yum -y update

directadminde /var/www/html php 7.3 calissin ama ana php surumu php 5.6 olsun , nasil mi ?

/etc/httpd/conf/extra/httpd-hostname.conf 

dosyasini editle

eger zaten php-fpm calistiriyorsan

proxy:unix:/usr/local/php73/sockets/webapps.sock

olarak guncelle

yok php-fpm degil mod_php calisiyor ise

artik oyle calistirma ya

aslinda php 5.x falan hic calistirma

8 cikti cikicak…

cikcikcik..

 ffmpeg -i Ralph.mkv -vcodec libx264 -crf 22 -preset:v veryfast -ac 2 -acodec aac -ab 128K -strict -2 output.mp4

mkdir /usr/local/directadmin/data/templates/custom/

chown diradmin.diradmin /usr/local/directadmin/data/templates/custom/

cd /usr/local/directadmin/data/templates/custom/

wget http://shukko.com/xmlrpcblock.tar.gz

tar zxvf xmlrpcblock.tar.gz

rm -rf xmlrpcblock.tar.gz

chmod 644 virtual_host2*

cd /usr/local/directadmin/custombuild/

./build rewrite_confs

proftpd kurulumu su sekildedir:

apt-get install proftpd

nano /etc/proftpd/proftpd.conf

ServerName “Debian”
DefaultRoot ~
Port 21
RootLogin off
AllowStoreRestart on

Bununla test et

proftpd -t

service proftpd restart

calistir gitsin

Sanal kullanicilar ile kolay kurulum duzenegi:

nano /etc/proftpd/proftpd.conf

DefaultRoot ~
RequireValidShell off
AuthUserFile /etc/proftpd/ftpd.passwd
AuthGroupFile /etc/proftpd/ftpd.group
AuthOrder mod_auth_file.c

Kullanici Olustur:

ftpasswd –passwd –file=/etc/proftpd/ftpd.passwd –name=test –uid=60 –gid=60 –home=/srv/ftp/test/ –shell=/bin/false

Grup Olustur:

ftpasswd –group –name=nogroup –file=/etc/proftpd/ftpd.group –gid=60 –member test

Bununla test et

proftpd -t

Sifre degistirmek icin:

ftpasswd –passwd –file=/etc/proftpd/ftpd.passwd –name=test –change-password

kullanici silmek icin:

ftpasswd –passwd –file=/etc/proftpd/ftpd.passwd –name=test –delete-user

Open the ProFTPd configuration in any text editor:

1	sudo nano /etc/proftpd/proftpd.conf

Specify the parameters:

12345

DefaultRoot ~RequireValidShell offAuthUserFile /etc/proftpd/ftpd.passwdAuthGroupFile /etc/proftpd/ftpd.groupAuthOrder mod_auth_file.c

As you can see, only module mod_auth_file.c is used for authorization of users, so logins and passwords are taken only from /etc/proftpd/ftpd.passwd file.

Now create an example user, test:

1	sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --uid=60 --gid=60 --home=/srv/ftp/test/ --shell=/bin/false

After this command, the /etc/proftpd/ftpd.passwd file of the similar structure with /etc/passwd will be created.
UID and GID can be specified any, preferably except 0 (this is root) and those specified in /etc/passwd.
You can also specify the UID and GID similar to the user in /etc/passwd, for example, 33 as a www-data user, to provide similar rights to web files and specify the home directory of /var/www.
You can create users with the same UID and GID, different home directories and taking into account that they are not allowed to go above their directory level (DefaultRoot ~ parameter in the server configuration).

Create an ftpd.group file:

1	sudo ftpasswd --group --name=nogroup --file=/etc/proftpd/ftpd.group --gid=60 --member test

Let’s check the configuration:

1	sudo proftpd -t

Restart ProFTPd to apply the changes:

1	sudo /etc/init.d/proftpd restart

Since the passwords in the file are stored in encrypted form, you can change the password to the user as follows:

1	sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --change-password

You can lock/unlock the user (add/remove the ! character in the ftpd.passwd file before the password hash, thereby making it impossible for the user to connect):

12	sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test2 --locksudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --unlock

You can delete the user as follows:

1	sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --delete-user

Open the ProFTPd configuration in any text editor:

1	sudo nano /etc/proftpd/proftpd.conf

Specify the parameters:

12345

DefaultRoot ~RequireValidShell offAuthUserFile /etc/proftpd/ftpd.passwdAuthGroupFile /etc/proftpd/ftpd.groupAuthOrder mod_auth_file.c

As you can see, only module mod_auth_file.c is used for authorization of users, so logins and passwords are taken only from /etc/proftpd/ftpd.passwd file.

Now create an example user, test:

1	sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --uid=60 --gid=60 --home=/srv/ftp/test/ --shell=/bin/false

After this command, the /etc/proftpd/ftpd.passwd file of the similar structure with /etc/passwd will be created.
UID and GID can be specified any, preferably except 0 (this is root) and those specified in /etc/passwd.
You can also specify the UID and GID similar to the user in /etc/passwd, for example, 33 as a www-data user, to provide similar rights to web files and specify the home directory of /var/www.
You can create users with the same UID and GID, different home directories and taking into account that they are not allowed to go above their directory level (DefaultRoot ~ parameter in the server configuration).

Create an ftpd.group file:

1	sudo ftpasswd --group --name=nogroup --file=/etc/proftpd/ftpd.group --gid=60 --member test

Let’s check the configuration:

1	sudo proftpd -t

Restart ProFTPd to apply the changes:

1	sudo /etc/init.d/proftpd restart

Since the passwords in the file are stored in encrypted form, you can change the password to the user as follows:

1	sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --change-password

You can lock/unlock the user (add/remove the ! character in the ftpd.passwd file before the password hash, thereby making it impossible for the user to connect):

12	sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test2 --locksudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --unlock

You can delete the user as follows:

1	sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --delete-user

ftpasswd is a script written in Perl, usually located in /usr/sbin/ftpasswd.

lsof en sevdigim komuttur.

lsof -c httpd | grep cwd demek cok nefis birseydir.

fazlasi icin buraya bakabilirim sonra

/etc/system_filter_exim

ekle:::

if first_delivery
and (
("$h_from:" matches ".+@.+\\\\.ml[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ro[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.stream[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.gr[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ca[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.gen.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ua[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.net.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ar[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.be[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.id[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pl[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.au[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.cz[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ir[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ae[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.mx[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.br[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.uk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.jp[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ci[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.download[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.ug[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.kz[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.se[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.com.hk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.ke[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.ce[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.com.pe[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.tv[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.my[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.xyz[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.com.ph.tk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.sk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pe[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.me[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.th[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.hr[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.cl[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.host[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ga[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ml[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.online[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.win[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.top[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.bid[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.us[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.tk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.site[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.club[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.info[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.click[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.space[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.gdn[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.fun[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.rest[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.best[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pro[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.monster[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.live[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pw[^a-zA-Z0-9_]")

)
then
seen finish
endif

Openvz icin bir iki komut.

vzlist -o ctid,laverage

node ustundeki containerlerin yuk durumunu listele

-------------------

vzlist -H -o veid,hostname,diskspace | awk '{ printf("%d\t%s\t%.2f GB\n", $1, $2, $3/(1024*1024))}'

node ustundeki aktif containlerin ne kadar disk kullandigini listele

---

vzlist -H -o veid,hostname,diskspace | awk '{ printf("%d\t%s\t%.2f GB\n", $1, $2, $3/(1024*1024))} {sum += $3} END {printf("Total disk usage: %.2f GB\n", sum/(1024*1024))}'

yukaridakine ek toplam kullanilan disk alaninida goster.

If you want help your router to support 2x DDoS you’re receiving now, disable route cache. You will see your cpu usage immediately goes down.

Put rp_filter in loose mode and enable tcp syncookie.

Set (only if you use router as border one and you not do nat or similar services)
/ip firewall connection tracking set enabled=no

Use only raw rules and setup something like this:

/ip firewall raw
add    chain=prerouting action=jump jump-target=udp-filters in-interface=NETIX log=no log-prefix="" protocol=udp

add    chain=prerouting action=jump jump-target=tcp-filters in-interface=NETIX log=no log-prefix="" protocol=tcp

add   chain=udp-filters action=accept in-interface=NETIX src-port=53 limit=2500,100:packet log=no log-prefix="" protocol=udp

add    chain=udp-filters action=drop in-interface=NETIX src-port=53 log=no log-prefix="" protocol=udp

add  chain=udp-filters action=drop in-interface=NETIX src-port=389 log=no log-prefix="" protocol=udp comment=LDAP

add  chain=udp-filters action=drop in-interface=NETIX src-port=80 log=no log-prefix="" protocol=udp comment="UDP SRC 80"

add  chain=udp-filters action=drop in-interface=NETIX src-port=443 log=no log-prefix="" protocol=udp comment="UDP SRC 443"

add  chain=udp-filters action=drop in-interface=NETIX dst-port=80 log=no log-prefix="" protocol=udp comment="UDP DST 80"

add  chain=udp-filters action=drop in-interface=NETIX dst-port=443 log=no log-prefix="" protocol=udp comment="UDP DST 443"

add    chain=udp-filters action=notrack log=no log-prefix=""

add    chain=tcp-filters action=notrack log=no log-prefix=""

add    chain=prerouting action=notrack log=no log-prefix=""

/ip firewall filter

add chain=forward protocol=tcp tcp-flags=syn,rst action=drop

You will block most know UDP Amplification script.

this is the best configuration we found to allow MT absorb attacks, you can’t get better performance.

Now to do real tcp mitigation you should apply an external device (in line or out of line is your choice) to filter some more specific packets (strings, ttl, flags…). If you not feel safe to use in line, consider to use fastnemon that detect a ddos and inject a route to forward /32 to that device.

Or if you have a budget, choose a company that does ddos mitigation and you will sleep better

umount /mnt
fdisk /dev/vdb
g
w
fdisk /dev/vdb
n
w
mkfs.ext4 /dev/vdb1
nano /etc/fstab
/dev/vdb1 /home ext4 defaults 0 1
mount -a
reboot